Cryptology - Unofficial St. Mary's College of California Web Site
Cryptology - Unofficial St. Mary's College of California Web Site
Cryptology - Unofficial St. Mary's College of California Web Site
Create successful ePaper yourself
Turn your PDF publications into a flip-book with our unique Google optimized e-Paper software.
242 CHAPTER 12. RSA<br />
Perhaps not surprisingly, given the last several sections, the solution to all<br />
three <strong>of</strong> these difficulties will come from the same modification: instead <strong>of</strong> working<br />
modulo 26 we will work modulo P Q, where P and Q are two (large) primes.<br />
From Euler’s generalization <strong>of</strong> Fermat’s Theorem, we know that a (P −1)(Q−1) ≡ 1<br />
(mod P Q) whenever neither P nor Q divides a. So if we cleverly pick d (using<br />
the Euclidean Algorithm) to be the solution to ed ≡ 1 (mod (P − 1)(Q − 1)),<br />
then we have<br />
(<br />
a<br />
e ) d<br />
≡ a ed ≡ a (mod P Q).<br />
That is, raising to the d-th power will reverse the effect <strong>of</strong> raising the e-th<br />
power. 9 We will be able to decipher messages.<br />
Further, having two letters that become the same when enciphered will be<br />
impossible: if m e ≡ n e (mod P Q), then<br />
m ≡ m ed ≡ (m e ) d ≡ (n e ) d ≡ n ed ≡ n<br />
(mod P Q).<br />
So two letters (or messages) that are enciphered to the same letter (or message)<br />
were actually the same to start. That is, different letters are enciphered<br />
differently.<br />
Finally, there is the question <strong>of</strong> choices <strong>of</strong> e and d: are there enough so that<br />
our supposed enemy cannot stumble upon d simply by trying all the possibilities.<br />
Notice first that different choices <strong>of</strong> e can lead to the same actual encryption.<br />
We pointed this out in the case <strong>of</strong> prime moduli: if e ≡ e ′ (mod P − 1) then<br />
m e ≡ m e′ (mod P ). The same is true modulo (P − 1)(Q − 1): if if e ≡ e ′<br />
(mod (P − 1)(Q − 1)) then m e ≡ m e′ (mod P Q). So it doesn’t actually add<br />
more choices to allow e and d to be larger than (P − 1)(Q − 1), and so there<br />
are at most (P − 1)(Q − 1) different choices for e and d. To provide for a large<br />
number <strong>of</strong> choices for e, then, we will use very large P ’s and Q’s.<br />
12.8 RSA<br />
The RSA 10 crypto-system was invented by Ronald L. Rivest, Adi Shamir and<br />
Leonard Adelman in 1977. We have given the basics <strong>of</strong> the system. The<br />
only thing left to add is that if we are going to work modulo a large modulus,<br />
there is no need to encipher one letter at a time. We can instead use this as a<br />
polygraphic cipher.<br />
9 This statement is the “trick” behind the cipher system we are about to explain. Make<br />
sure you understand it, looking back at Theorems 12.1 and , if necessary.<br />
10 U.S. Patent No. 4, 405, 829, September 20, 1983, expired on September 20, 2000.